Microsoft Releases FixIt Tool for LNK Flaw

Microsoft has released a FixIt tool for the unpatched LNK Windows shell vulnerability and also has updated its guidance on how to deal with the flaw. The company also said it is continuing to work on developing a patch for the vulnerability.

The FixIt tool that Microsoft published Tuesday mitigates the vulnerability by disabling the display of icons in the task bar and the Windows menu. It doesn’t entirely patch the vulnerability, but it helps mitigate one of the attack vectors.

“The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed. This vulnerability can be exploited locally through a malicious USB drive, or remotely via network shares and WebDAV. An exploit can also be included in specific document types that support embedded shortcuts,” Microsoft said.

The first reports of the new vulnerability surfaced last week when malware researchers discovered a new Trojan called Stuxnet that uses the LNK vulnerability to infect machines via USB drives. There are other vectors by which an attacker could exploit the vulnerability, including via a shared drive or WebDAV, Microsoft said.

The Microsoft advisory on the LNK flaw says that the company is working on a patch for the vulnerability, but does not specify a time frame for a patch release. The next scheduled Patch Tuesday release would be August 10, but Microsoft could release an out-of-band patch before then.
